3 Replies Latest reply on Mar 6, 2012 9:22 AM by spyhunter99

    How to secure WSDL file access

    Sudhir Kumar Jha Newbie

      Hello Everybody,

       

      I don't know how to secure access of my published WSDL file from other than intended recipient.

       

      I tried some thing like this in web.xml file:

       

       

          <security-constraint>

              <display-name>Sudhir Access</display-name>

              <web-resource-collection>

                  <web-resource-name><Java file which had web method></web-resource-name>

                  <description>path of wsdl</description>

                  <url-pattern>/*</url-pattern> <!--- do i need to give physically complete path(through which we access the WSDL)-->

                  <http-method>POST</http-method>

                  <http-method>TRACE</http-method>

                  <http-method>DELETE</http-method>

              </web-resource-collection>

              <auth-constraint>

                  <description/>

                  <role-name>sudhir</role-name>

              </auth-constraint>

              <user-data-constraint>

                  <description/>

                  <transport-guarantee>CONFIDENTIAL</transport-guarantee>

              </user-data-constraint>

          </security-constraint>

          <login-config>

              <auth-method>BASIC</auth-method>

              <realm-name>sudhi</realm-name>

          </login-config>

          <security-role>

              <description>Admin</description>

              <role-name>sudhir</role-name>

          </security-role>

      </web-app>

       

      I had developed web service using Jboss developer studio and jboss server

      Please share your ideas to do the same.

       

       

      Thanks & Regards,

      Sudhir Jha